2 Answers
2

I'm assuming an OpenLDAP instance here, but the slapcat utility may prove useful. A few years ago I was running an LDAP instance that was frequently blowing up its indices, so it's fairly common to slapcat the database to a big LDIF file, move out the db files, and then slapadd to regenerate the db from the LDIF.
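
The dump-and-reload cycle described in this answer, written out as an added example that is not part of the original post. It assumes a Berkeley DB backend and slapcat/slapadd reading the default server configuration; every path, the `ldap` account and the helper names `run` and `rebuild_ldap_db` are assumptions to adjust for your system.

```shell
#!/bin/sh
# Added example. Every path and account name below is an assumption.
DB_DIR="${DB_DIR:-/var/lib/ldap}"           # assumed database directory
WORK_DIR="${WORK_DIR:-/root/ldap-rebuild}"  # assumed scratch directory
LDAP_USER="${LDAP_USER:-ldap}"              # assumed account slapd runs as
INIT="${INIT:-/etc/init.d/ldap}"            # assumed init script
DRY_RUN="${DRY_RUN:-1}"                     # 1 = print the commands only

# Print a command, and execute it unless DRY_RUN=1.
run() {
    echo "+ $*"
    [ "$DRY_RUN" = 1 ] || "$@"
}

# Body is a subshell, so umask and exit do not leak into the caller.
rebuild_ldap_db() (
    ldif="$WORK_DIR/dump.ldif"
    old="$WORK_DIR/old-db"
    # The dump contains every entry, userPassword hashes included.
    umask 077
    run "$INIT" stop       || exit 1
    run mkdir -p "$old"    || exit 1
    run slapcat -l "$ldif" || exit 1
    # Never move the database away on the strength of an empty dump.
    if [ "$DRY_RUN" != 1 ] && [ ! -s "$ldif" ]; then
        echo "empty dump, database left in place" >&2
        exit 1
    fi
    # Set the old files aside instead of deleting them; DB_CONFIG stays put.
    run find "$DB_DIR" -maxdepth 1 -type f ! -name DB_CONFIG \
        -exec mv {} "$old/" \; || exit 1
    run slapadd -l "$ldif" || exit 1
    # slapadd run as root leaves root-owned files that slapd cannot open.
    run chown -R "$LDAP_USER" "$DB_DIR" || exit 1
    run "$INIT" start
)
```

Calling `rebuild_ldap_db` prints the plan; set `DRY_RUN=0` to execute it. Remove the LDIF dump and the old database copy once the directory is confirmed healthy, since both hold credential hashes.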

One of our machines running a third-party system that used LDAP for authentication amongst other things has upset its LDAP setup before now (I've never worked out how, as there are generally no graceless stops that I can account for).

The following has always worked to sort it:

1. Make sure the LDAP daemon is stopped:

       /etc/init.d/ldap stop

2. Take a backup of the current state, just in case:

       cd /var/lib/ldap-dpp/
       rm -rfv /home/tmp_ldap/
       mkdir /home/tmp_ldap
       cp -av * /home/tmp_ldap/

3. Run the recovery tool to rerun/clear out the transactions in the log:

       /usr/sbin/slapd_db_recover -v

4. Restart the LDAP service:

       /etc/init.d/ldap start

(replacing any paths with correct ones for your system, of course)

If this fails, you have a backup from step 2 to roll back to, ready to try something else. It might be worth taking a full system backup now before taking any steps to fix the issue, in case the attempts to fix things make something worse.